Would you like to play
a role in Creating the
Future of World Trade?

VAC4202 - Information Security Officer

Division Information Technology
Location Dubai, U.A.E.
Department DPW FZE DUBAI PORT INTL
Closing Date 23-Sep-2018
About the Business

DP World is a leading enabler of global trade and an integral part of the supply chain. We operate multiple yet related businesses – from marine and inland terminals, maritime services, logistics and ancillary services to technology-driven trade solutions.

We have a portfolio of 78 operating marine and inland terminals supported by over 50 related businesses in over 40 countries across six continents with a significant presence in both high-growth and mature markets. We aim to be essential to the bright future of global trade, ensuring everything we do has a long-lasting positive impact on economies and society.

Our dedicated team of over 36,000 employees from 103 countries cultivates long-standing relationships with governments, shipping lines, importers and exporters, communities, and many other important constituents of the global supply chain, to add value and provide quality services today and tomorrow.

Container handling is the company’s core business and generates more than three quarters of its revenue. In 2017, DP World handled 70 million TEU (twenty-foot equivalent units) across our portfolio. With its committed pipeline of developments and expansions, the current gross capacity of 88 million TEU is expected to rise to more than 100 million TEU by 2020, in line with market demand.

By thinking ahead, foreseeing change and innovating we aim to create the most productive, efficient and safe trade solutions globally.

About the Role

The management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain confidentiality, integrity, availability, accountability and relevant compliance of information systems.

Key Accountabilities
  1. Develop / maintain a corporate information security strategy, policy, standards and guidelines with specific focus on protecting organization data. Prepare and maintain organizational strategies that address the evolving business risk and information control requirement.

  2. Conduct security risk assessments and mitigation plan for defines business applications or IT installations in defined areas and provide advice and guidance on the application and operation of elementary physical, procedural and technical security controls (e.g. the key controls defined in BS7799, ISO 27001 and ISR of (Government of Dubai).

  3. Protect and defend information system by ensuring availability, integrity, authentication, confidentiality and non-repudiation. Provides for restoration of information system by ensuring that protection, detection and reaction capabilities are incorporated.

  4. The management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain confidentiality, integrity, availability, accountability and relevant compliance of information systems.

  5. Facilitate all information security related audit including scope of audits, timelines, and closing of recommended audit actions.

  6. Act as a change agent for an effective security culture in the organization and review, evaluate and recommend changes in information security policies to ensure compliance with DPW Corporate security policy, ISO 27001, Dubai government’s information Security regulation(ISR), and other Federal / Local Government’s regulatory compliance as per law of the land.

  7. Conduct technical information security assessment of systems and provide recommendations for ensuring compliance with all applicable regulations and certification needs.Implementation and management of Information Security Compliances i.e. ISR, ISO 27001 etc.

  8. Manage technical security compliance with company policy, educating stakeholders and working with them to achieve and record technical security compliance.

  9. Provide the technical road map including technical aspects such as SOC, Data Loss Prevention (DLP), Security Event and Incident Management (SIEM), IPS/ IDS, Firewall and network/ application security solutions.

  10. Acts proactively to prevent potential incident by ensuring that proper protections are in place, such as intrusion detection and prevention systems, firewalls, and effective technical and physical safeguards, and provides for the availability of computer resources by ensuring a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts.

  11. Act as a technical security Subject Matter Expert for the business as a whole.

  12. Manage security incidents including the management of forensics investigation etc.

  13. Worked on Cloud Security, Technical Security Assessment and working knowledge of emerging technologies.  

  14. Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by the supervisor, and obtaining certifications relevant to job duties.
Experience & Qualification
  • Knowledge and Experience

  • Bachelor’s Degree in Information Technology or equivalent.
  • Should have 5-8 years of experience in IT field with at least 5 years’ experience preferably in combination of Information Security Compliance, Risk Management, Formation of organization Information Security Strategy, implementation of large security projects like SOC, Data Loss Prevention (DLP), SIEM, and Encryption technologies etc. in managing Information Security and risk management.
  • Professional certificate in Information Security such as CISA/CISSP/CISM/ISO 27001/COBIT etc. will be added advantage
  • Implementation of Information Security Compliance ISR and ISO 27001 for large organizations.
  • Performed Information Security Risk Assessment and mitigation strategies for large organizations
  • Demonstrate in-depth and hands-on knowledge on Data protection and monitoring tools.
  • Experience in implementation and overseeing the tools like SOC, DLP, SIEM, IPS/ IDS etc.
  • Experience across database, application and infrastructure security.

  • Soft Skills

  • Analytical skills
  • Communication skills
  • Planning and Project management skills
  • Time management skills
  • Team player and conflict management skills
  • Coaching / guiding skills
  • Political and cultural awareness

  • Technical Skills

  • Experience in latest security technologies (network, application, storage, end-point, cloud and anti-malware), trend, threats and practices
  • Knowledge of DLP, SIEM, SOC and NOC
  • Analytical and report writing skills
  • Writing and maintaining IT security Policies, processes and templates
  • IT Program and Project Management skills
  • IT Risk Management skills
  • IT Compliance skills
  • IT Service Management skills

 

Remuneration and Employment Benefits
  • Accommodation Allowance
  • Transportation Allowance 
  • Education Assistance for Dependents 
  • Annual Air Ticket(s) for self / and dependents
  • Private Medical Coverage for self / and dependents
  • Annual Performance Related Bonus 

 

Back to search